Everything related to Computer Security - Security Audits, Security Vulnerabilities, Intrusion Detection, Incident Handling, Forensics and Investigation, Information Security Policies, and a whole lot more.
Saturday, August 31, 2013
[SECURITY] [DSA 2747-1] cacti security update
Hash: SHA1
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2747-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
August 31, 2013 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : cacti
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-5588 CVE-2013-5589
Two vulnerabilities were discovered in Cacti, a web interface for
graphing of monitoring systems:
CVE-2013-5588
install/index.php and cacti/host.php suffered from Cross-Site
Scripting vulnerabilities.
CVE-2013-5589
cacti/host.php contained an SQL injection vulnerability, allowing
an attacker to execute SQL code on the database used by Cacti.
For the oldstable distribution (squeeze), these problems have been fixed in
version 0.8.7g-1+squeeze3.
For the stable distribution (wheezy), these problems have been fixed in
version 0.8.8a+dfsg-5+deb7u2.
For the unstable distribution (sid), these problems have been fixed in
version 0.8.8b+dfsg-3.
We recommend that you upgrade your cacti packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJSIjM+AAoJEL97/wQC1SS++40H/RQJwb6+1U4HTa0oEe0XxDoc
tarEazGr4nyHq2iP9yLKAZQAxtXZsLBznUGhIQVNplNpjRCVVATtLl+gzazvpQJk
EDZdtlJkOrC5nvlsGmhXs7WWukemU/gkaskfXwd0/G3w1HxuSWmbdSuyyaKbYPZB
opDiko0aDPrOo/2dRP/45J20lJ0zVn4C62HZvs6u8RCyji9yADibHe3J4QWlaj8G
ZsHCoVjUgkA81fBiI/H42Wqiewf0+R56CXLsf/csEk7vMmGZYpfnd8trvS9I5Yx2
4ZQVbzWiX4ItvWmljWDLtBy11xKC5tz1bM5mKDAY2oAtM+S2rCzar5uLoduvwEk=
=pAOw
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/87fvtp7mt3.fsf@mid.deneb.enyo.de
RE
su
1.Names ............
2.Dirección ........
3.Country .........
--
El servicio de correo misena es soportado tecnológicamente por © Google y
ofrecido por el Servicio Nacional de Aprendizaje – SENA de manera gratuita
a todos los colombianos y en especial a los aprendices e instructores de
Programas de Formación Titulada y Complementaria. Los contenidos, textos,
imágenes, archivos y puntos de vista enviados en este mensaje son
responsabilidad exclusiva del remitente y no reflejan ni comprometen
oficialmente a la institución. No se autoriza el uso de esta herramienta
para el intercambio de correos masivos, cadenas o spam, ni de mensajes
ofensivos, de carácter político, sexual o religioso, con fines de lucro,
con propósitos delictivos o cualquier otro mensaje que se considere
indebido o que vaya en contra de la Ley.
Friday, August 30, 2013
Invitation: Hello. @ Sat 31 Aug 2013 00:00 - 01:00 (jessicaali119@gmail.com)
Hello.Hello, My name is Miss Jessica Ali, It give me a great pleasure to write you. I was browsing when i came across your email contact and it attracts me to write to you so that we can be friends if you will have the desire as me. i will be very happy to be in communication with you so that we can get to know each other better and see what happens in future. I await your reply so that i can tell you more about my self and give you my picture. I will be waiting to hear from you on my E-mail: jessicaali1993@yahoo.fr Have a great day. Thanks.
Going? | ||||||
Invitation from Google Calendar You are receiving this courtesy email at the account security.world@gmail.com because you are an attendee of this event. To stop receiving future notifications for this event, decline this event. Alternatively, you can sign up for a Google account at https://www.google.com/calendar/ and control your notification settings for your entire calendar. |
New iPAS System Gets
I know you get a lot of mail with offers, but I want you to read this
one carefully!
I'm looking for serious people who want to work part-time or even
full-time from home marketing a new viral blogging platform that can
be used for promoting any type of business, blogging about trending
news, viral videos, and just cool and fun stuff.
This new blogging platform will include Social media syndication,
both audio and video blogging capabilities via mobile app and many
other cool features!
We are helping 1000's make 4 figure, 5 figure and even 6 figure
incomes per month online.
Over $60 Million in commissions have already been paid out in the
last 18 months!
We are now paying out an average of over $1 Million a week in
commissions.
So, if that's of interest to you, then enter your email and watch this:
http://linkprosperity.com/new-ipas-system-gets-1-2-paid-referrals-daily
You can get some insight on our exclusive marketing system, iPAS,
that in just 2 short weeks has created over $30,000 in sales
commissions for our members.
Here is the I PAS system:
http://superwebsecrets.com/iPAS-System/?id=coy123
More additional info can be found here: http://ipaskit.uwanted2know.com
Here is my contact details if you have any questions:
Jeff Kellum
Skype: jeffcoy1
PHONE+447449980449
EMAIL:coy.e.kellum@btinternet.c
Some good news on gun violence prevention
Joe -- It's not every day that we get good news in the fight to prevent gun violence, so I wanted to make sure you saw this: Even though Congress has failed to act in the nine months since Newtown, President Obama took two executive actions yesterday to help keep weapons out of the hands of dangerous people. Read more about this announcement, and be sure to share the good news -- here's an Associated Press story you can share on Facebook -- or on Twitter. Yesterday's announcement involves two executive actions -- here's what they do: #1. Close a loophole that allowed some dangerous weapons to be purchased without a background check. Currently, people -- including convicted felons and domestic abusers -- can buy machine guns and short-barreled shotguns and register them to trusts or corporations to avoid a background check. Not anymore: That loophole is now closing.These are big steps forward to keep our families and communities safer -- but we also know they're not enough. Only Congress can pass legislation expanding background checks for gun sales -- that's why we can't let up. Share the great news today -- and ask your friends to join our fight. Post it on Facebook: http://my.barackobama.com/AP-Gun-Action-Update-FB Or tweet it out today: http://my.barackobama.com/AP-Gun-Action-Update-TW Thanks for being part of this, Kelly Kelly Byrne Gun Violence Prevention Campaign Manager Organizing for Action ---------------- The other side will spend millions to maintain the status quo. We're fighting for change -- chip in $5 or more to support OFA today. | |
| |
Contributions or gifts to Organizing for Action are not tax deductible. | |
This email was sent to: securityworld@gmail.com. |
Security Management Weekly - August 30, 2013
|
Sarah Palin's latest
Joe -- This is the last thing I wanted to talk about before Labor Day weekend, but you gotta hear this: Former Alaska Governor Sarah Palin just joined the "Defund Obamacare" movement -- a group of people, including 80 members of Congress, who are willing to sabotage the economy because they don't like Obamacare. This is the kind of reckless nonsense President Obama is up against in trying to pass a smart budget that actually grows the economy for the middle class. OFA is here to fight back -- because when it comes down to it, I doubt the American people are going to like hearing that people are threatening to shut down the government instead of passing a budget. Thanks for being a voice of reason. For the sake of our national sanity, will you take the next step in this fight, and chip in $5 or more to support OFA? Congress has a budget deadline of September 30th. All next month, OFA is going to push Congress to consider President Obama's plan for the country -- one that focuses on creating jobs and growing the economy, instead of scoring political points. We'll be calling out the radical members of Congress for their recklessness -- and asking John Boehner to be a leader and stand up to his colleagues. Because if our representatives don't know that there's a price to pay for this kind of nonsense, it's not ever going to stop. Chip in $5 or more today to support our work: https://donate.barackobama.com/Pass-a-Smart-Budget Thanks, Jon Jon Carson Executive Director Organizing for Action ---------------- The other side will spend millions to maintain the status quo. We're fighting for change -- chip in $5 or more to support OFA today. | |
| |
Contributions or gifts to Organizing for Action are not tax deductible. | |
This email was sent to: securityworld@gmail.com. |
CV for Senior position in HR/Admin/IR
Unisys going on offense in server and security markets
Hot products from VMworld 2013 | Facebook report on government data requests a reminder there is no privacy | ||||||||||
Network World Compliance | ||||||||||
WEBCAST: HP Intel VMware The Cloud: Why the Hybrid Cloud May Be Best A combination of the public and private cloud, the hybrid cloud fits the needs of a broad range of enterprises. View Now! In this Issue
WHITE PAPER: Condusiv Technologies IDC: I/O Optimization Boosts Virtualization Performance In this Tech Spotlight, IDC highlights the plague of unnecessary I/O in virtual environments, the need for software intelligence to remove it, the importance of I/O optimization at the top of the stack and why Condusiv should be considered as an alternative to hardware for performance. Read now! Hot products from VMworld 2013 Facebook report on government data requests a reminder there is no privacy Three types of DNS attacks and how to deal with them WHITE PAPER: Mitel Networks Computerworld Report: Wrangling Your Mobile Devices This report looks at how IT executives at companies large and small are learning to embrace the mobile device trend, by rethinking their strategies, hammering out new policies and locking down their critical data. Learn More Anonymous responds to FBI claims of victory with record leaks Next Microsoft CEO faces rocky road in easing NSA-fueled privacy worries VMware spotlights key NSX security tool for deploying security software and services WHITE PAPER: Verizon Secure, Stable Cloud Computing Business-critical applications in the cloud require the highest level of multilayered security. Learn how Terremark's secure, advanced data centers and clustered grid architecture provide the redundancy needed to keep critical systems up when hardware goes down while also providing monitoring, backups, patching and incident management. Learn More Developers hack Dropbox, show how to access to user data Tesla Model S vulnerable to hackers, kind of Hackers may cash in when XP is retired Sept. 23 deadline looms for business compliance with HITECH Act on patient privacy | ||||||||||
SLIDESHOWS Hot products from VMworld 2013 Click through to see all the latest from the show in San Francisco. JOIN THE NETWORK WORLD COMMUNITIES As network pros you understand that the value of connections increase as the number of connections increase, the so called network effect, and no where is this more evident than in professional relationships. Join Network World's LinkedIn and Facebook communities to share ideas, post questions, see what your peers are working on and scout out job applicants (or maybe find your next opportunity). MOST-READ STORIES 1. Juniper kills MobileNext mobile packet product line 2. IBM starts restricting hardware patches to paying customers 3. Old electronics don't die, they pile up 4. School starts mass social media surveillance of students for their 'safety' 5. Developers hack Dropbox, show how to access user data 6. Spear phishing led to DNS attack against the New York Times, others 7. Cisco in for a virtual fight 8. Apple's iPhone trade-in program is a game changer 9. Hot products from VMworld 2013 10. Linus Torvalds celebrates 22 years of Linux with nostalgic message | ||||||||||
Do You Tweet? You are currently subscribed to networkworld_compliance_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2013 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. ** |